Description
Currently the HystrixPlugins implementation provides a single globally static mechanism for registering plugins.
It's simple and easy to grok but also has non-obvious issues.
This is a new concern for Hystrix as internally at Netflix there was only ever the "default behavior" but now anything can be customized.
If a system starts up, uses some HystrixCommands and then registers new plugins, the commands executed before will have already initialized metrics, thread-pools, metrics publishers, properties and other such things expected to live for the live of the JVM.
They are cached for a given HystrixCommandKey.
The simple answer is to just clear the caches and let everything initialize again.
That isn't quite so simple though because these aren't just objects that get garbage collected.
We need shutdown hooks then for thread-pools and metrics publishers to unpublish and gracefully cleanup - things that typically don't ever happen.
The possible approaches I've thought of are:
- Bootstrap with JVM properties
If properties were injected from the command-line (ie -Dhystrix.plugin.???=???) then we could guarantee that all HystrixCommand executions initialize with the correct values on system startup.
- Lifecycle Hooks
All plugin implementations (including the defaults) could have shutdown hooks that get executed when another plugin is registered and the plugin implementation is responsible for tearing down any resources is allocated (thread-pools, metrics being published, etc).
- IllegalStateExceptions to lock down
Allow "locking" the plugin config so that no further plugins can be registered and alter behavior.
If something tries it would get an IllegalStateException.
This would at least protect against unexpected race conditions or malicious overrides of behavior (a bad library for example).
Nothing has been done on this yet as none of the solutions are great so I'm thinking on it more and discussing with others.
Activity